SOLVED: Kaspersky 8 Antivirus Engine Update for ‘ForeFront Protection 2010 For Exchange’ Alert

Problem:

Every day or so since the summer of 2010 I receive the following email from my Exchange 2010 server:

“Microsoft has released new versions* of the Forefront/Antigen product that you are using.  These new versions include the new Kaspersky 8 antivirus engine, which replaces the older Kaspersky 5 antivirus engine.  The product version you are currently running will continue to function with the Kaspersky 5 engine until Jan. 31, 2011.  As of Feb. 1, 2011, Microsoft will stop publishing the Kaspersky 5 engine.  Customers must upgrade to the latest version of Forefront/Antigen to access the new Kaspersky 8 engine.  Please see:  http://go.microsoft.com/fwlink/?LinkId=193118 for more details.

*If you are running Forefront Security for OCS, Antigen 9.0, and FSSMC new roll ups for these products will be released in August 2010.”

 The link is from 2009 and its contents do not appear to relate to ForeFront 2010.

 All of my HEALTH MONITORs are green, nothing related shows in WINDOWS UPDATE and I can not find any references to Kaspersky being retired from FF2010 in Bing/Google

Solution:

The Hot Fix for ForeFront Protection 2010 For Exchange was released on Nov 30th at http://support.microsoft.com/kb/2270641/en-us .  This patch REQUIRES the usual Hot Fix process of entering email address in the MS page and then waiting for a link to an encrypted .ZIP file. 

This patch took quite some time to install and appeared to be stuck several times, on my highly underpowered Exchange 2010 VM.  So just be patient.

Prior to the update Forefront, according to HELP, ABOUT, was at build version 11.0.677 and after the update was at 11.0.705.  However, under ENGINE SUMMARY, Kaspersky still showed as v5 (as opposed to v8).  The install appeared to restart several of the services so I did not think there was much point in doing that again and I had to patch the server anyway so I rebooted and now the ENGINE SUMMARY shows Kaspersky as v8 and all appears well.

Opinion:

Three points for Microsoft:

  1. This is an absolutely crazy way to deliver required and common updates.  The update should have shown up under Windows Updates or HELP, CHECK FOR UPDATES or even a straight download from download.microsoft.com
  2. If Microsoft is going to provide a link to and update, make sure the thing is relavent to the product at hand; http://go.microsoft.com/fwlink/?LinkId=193118 is an annoying waist of my time. 
  3. If the system is going to spin out alerts for patches that don’t exist yet, Microsoft should (at a minimum) make a note of that in the alert! 

Comments

  1. Avatar
    Sarbjit Singh December 7, 2011 at 9:22 am

    thanks. this worked for me. 🙂

Questions or Comments?